Cyber threat forecasts for 2018

The business sector – constant target for malware developers

Banking trojans, ransomware, and crypto-miners -- the main cyber threats predicted for 2018

The financial sector is one the most frequent and, as the past incidents reveal, the most vulnerable target for cyber criminals. Considering the financial losses inflicted by such viruses as Locky, Petya, WannaCry, and BadRabbit, [1] increasing malware awareness has become more relevant than ever before.

According to predictions, by 2021, cybercrime will cause more than $6 trillion financial losses a year[2]. Let us take a look at the nearest future – 2018 – and possible cyber threats relevant to the business and other sectors.

Banking trojans and ransomware – main cyber issues

This specific type of malware recurred in 33% of all malware[3] oriented at the business sector in the first quarter of 2017. With recent media coverage of Zeus Panda virus, developing anti-trojan campaigns and applying effective prevention measures are of crucial importance. Such malware is often delivered in spam emails sent out by botnets.

Likewise, companies should initiate malware education courses for employees. Detailed analysis of ransomware and banking trojan assaults suggest that still, relatively small percentage of company personnel know how to distinguish fake emails or phishing sites. Ransomware is especially destructive for small businesses[4] which do not invest in hiring sufficient technical support assistance.

Recent samples of Zeus banking trojan reveal that now this type of malware contains impressive anti-sandboxing and anti-malware-detection functionalities. Therefore, businesses should practice constant surveillance of their systems and enable automatic or perform manual system and software updates.

Complex passwords – for data protection

Equifax data breach emphasized the crucial importance not only to update business systems but apply proper passwords as well.[5] According to OneLogin, the identity management provider, analysis, less than 31% of business entity owners and IT decision makers in the UK fail to encourage their employees to change passwords monthly.

Furthermore, though modern cybersecurity campaigns suggest using longer passwords comprised of several different characters, signs, and numbers, significantly short and weak passwords prevail in the majority of companies. Besides 2-step verification, fingertip signature might be a sufficient way protecting sensitive data.

Secure Internet connection against phishing sites

If your company specializes in financial transactions and use third-party transaction platforms, make sure they maintain active cybersecurity practices. If you are about to choose such provider, do it wisely. Using shady service providers may not only ruin your reputation but mislead your personnel or customers to phishing sites. Examine such platforms whether they contain necessary virtual security protocols.

Dealing with crypto-miners

As crypto-currency mining has become a viral activity among malware developers and some legitimate online businesses, note that such activity may leave a negative impact on your business. In other words, if your business website shares popularity among visitors, make sure your internal website structure is well protected against crypto-coin miner scripts. Otherwise, crooks may foist the Javascript, mining Monero, bitcoins or another cryptocurrency, into your website, drain your site visitors’ PC CPU resources.

At the very least, such background activity may cost your ruined reputation. Because of that, WordPress site owners should be highly vigilant as well. Cyber perpetrators take higher risks to hack into poorly secured WordPress accounts. Again, it all comes down to how often you apply updates.

About the author
Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions